package com.hddf.project.auth.actions;

import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;

import com.hddf.project.auth.json_util.JsonProvider;
import com.hddf.project.auth.pojos.User;
import com.hddf.project.auth.service.MongoDB_Query;
import com.hddf.project.auth.service.WebLoginService;
import com.mongodb.DBObject;


public class WebTokenAction extends BaseAction{
	
	private static final long serialVersionUID = 15765754699L;
	private String token;
	private String time;
	private String uri;
	
	@SuppressWarnings("finally")
	public String checkWebloginToken(){
		System.out.println("+++++check+++++");
		HttpServletRequest request = getRequest();
		//HttpServletResponse response = getResponse();
		Map<String,Object> map = new HashMap<String,Object>();
		String state = "";
		String msg = "";
		User u = null;
		Map<String,Object> m = null;
		try {
			WebLoginService wls = WebLoginService.getInstance();
			 MongoDB_Query mq = MongoDB_Query.getInstance();
			 System.out.println("===66===555");
			if(null==token|| "".equals(token)){
				state = "error";
				msg = "没有令牌,请登录";
			}else{
				String web_token = token;
				String web_time = time;
				System.out.println("===66===555"+web_time);
				//mq.getSimpleUserByWebToken(web_token);
				m = wls.checkWebToken(web_token,web_time);
				String str = (String)m.get("msg");
				if(!"".equals(str)){
					state = "error";
					msg = str;
				}else{
					String webtoken = (String)m.get("web_token");
					//cs.addCookie(response, "to",webtoken , 0);
					state = "ok";
					u = (User)m.get("u");
					map.put("user", u);
					map.put("webtoken",webtoken);
					//检验权限
					System.out.println("uri: "+uri);
					boolean rs = false;
					if(null!=uri && !"".equals(uri)){
						String permission = u.getPermission();
						if("all".equals(permission)){
							rs = true;
						}else{
							List<DBObject> list = mq.getAuthByUser(u.getPermission());
							for(int i=0;i<list.size();i++){
								rs = list.get(i).get("url").toString().contains(uri);
								if(rs)
									break;
							}
						}
						if(rs){
							map.put("permission", "ok");
						}else{
							map.put("permission", "error");
						}
					}else{
						map.put("permission", "error");
					}
					//检验权限
				}
			}
		} catch (Exception e) {
			e.printStackTrace();
			state = "error";
		} finally {
			map.put("state", state);
			map.put("msg", msg);
			request.setAttribute("result", JsonProvider.getCommonJson(map));
			return "simpleResult";
		}
	}
	
	@SuppressWarnings("finally")
	public String checkPermissionByWebToken(){
		System.out.println("+++++check permission+++++");
		HttpServletRequest request = getRequest();
		//HttpServletResponse response = getResponse();
		Map<String,Object> map = new HashMap<String,Object>();
		String state = "";
		String msg = "";
		User u = null;
		try {
			MongoDB_Query mq = MongoDB_Query.getInstance();
			if(null==token|| "".equals(token)){
				state = "error";
				msg = "没有令牌,请登录";
			}else{
				String web_token = token;
				DBObject obj = mq.getSimpleUserByWebToken(web_token);
				if(null==obj){
					state = "error";
					msg = "令牌过期";
				}else{
					//检验权限
					state = "ok";
					boolean rs = false;
					if(null!=uri && !"".equals(uri)){
						String permission = (String)obj.get("permission");
						if("all".equals(permission)){
							rs = true;
						}else{
							List<DBObject> list = mq.getAuthByUser(permission);
							for(int i=0;i<list.size();i++){
								rs = list.get(i).get("url").toString().contains(uri);
								if(rs)
									break;
							}
						}
						if(rs){
							map.put("permission", "ok");
						}else{
							map.put("permission", "error");
						}
					}else{
						map.put("permission", "error");
					}
					//检验权限
				}
			}
		} catch (Exception e) {
			e.printStackTrace();
			state = "error";
		} finally {
			map.put("state", state);
			map.put("msg", msg);
			request.setAttribute("result", JsonProvider.getCommonJson(map));
			return "simpleResult";
		}
	}


	public String getToken() {
		return token;
	}


	public void setToken(String token) {
		this.token = token;
	}


	public String getTime() {
		return time;
	}


	public void setTime(String time) {
		this.time = time;
	}


	public String getUri() {
		return uri;
	}


	public void setUri(String uri) {
		this.uri = uri;
	}
	

}
